People in the industry are always talking about best practices and how they relate to PHP security and application development. However, sometimes we forget to watch out for the worst practices: deadly sins that can strike even the most proficient programmer.

Working in the industry over the last several years I have come across these deadly sins time and time again, even falling prey to them myself. As a developer, it’s extremely easy to get overconfident and start trusting yourself too much. The problem is that when disaster strikes, it often catches us off guard, in the worst ways possible.

As software engineers or developers, we have to keep ourselves on our toes and keep our guard up at all times, to make sure we are continuously growing, ensuring quality, and working to reduce the risk of human error.

Deadly Sin #1: Getting too comfortable

I think one of the greatest sins doesn’t just apply to PHP, but to programming and to life in general. We, as programmers, often get too comfortable with what we know. We get comfortable doing something a certain way, and because of this we are unwilling to re-evaluate how we do things or look for better ways. Perhaps the best example of this can be found in the ever-popular framework wars. Many programmers stick to a framework for the sole reason that it’s what they know, instead of evaluating the pros and cons of other frameworks against the needs of their project.

Likewise, instead of evaluating our own code to make sure we are doing things the best way, we get in an “it works, so it’s good” mindset. One of the huge advantages of working in a team is the ability to collaborate with team members. Many times I’ve written code that “works” and I thought it was done the best way, only to have another co-worker point out a much simpler, more efficient way… And many of those times I KNEW the right way to write the code, and KNEW that way would work, but I was too busy focusing on what I was coding to look outside of the box to see what I was actually doing.

I guess the best way to explain this is what happens when you write code and then come back to look at it a week later. How many times do you ask yourself, “What was I thinking?!” As programmers we need to make sure we are constantly challenging ourselves to grow and expand our horizons. We need to put aside our pride and move outside of our comfort zone… otherwise it will be a lot more uncomfortable when our scripts get hacked, or technology passes us by.

It’s important to stay up to date by getting involved in your local PHP community, checking out the latest PHP blogs, reading, sharing code with your peers, and regularly attending training, so that you are in the know and can find out whether things could be done better, or more securely.